Wireshark-bugs: [Wireshark-bugs] [Bug 2899] crash when loading malformed dns packets
Date: Fri, 26 Sep 2008 02:29:57 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2899 --- Comment #10 from David Maciejak <david.maciejak@xxxxxxxxx> 2008-09-26 02:29:55 PDT --- Created an attachment (id=2265) --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2265) seg fault previous poc seem to trigger some memory lost trouble, this one is a seg fault, see below the tshark gdb backtrace: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb60f3b60 (LWP 21687)] 0xb61aae66 in ?? () from /lib/tls/i686/cmov/libc.so.6 (gdb) backtrace #0 0xb61aae66 in ?? () from /lib/tls/i686/cmov/libc.so.6 #1 0xb61acedd in ?? () from /lib/tls/i686/cmov/libc.so.6 #2 0xb61aecad in malloc () from /lib/tls/i686/cmov/libc.so.6 #3 0xb6525dcd in g_malloc () from /usr/lib/libglib-2.0.so.0 #4 0xb69ccc0e in ep_alloc (size=1149) at emem.c:414 #5 0xb6d61003 in dissect_nbns (tvb=0x846d208, pinfo=0x8474f40, tree=0x846b798) at packet-nbns.c:422 #6 0xb69d7264 in call_dissector_through_handle (handle=0x83bdda0, tvb=0x846d208, pinfo=0x8474f40, tree=0x846b798) at packet.c:396 #7 0xb69d79e7 in call_dissector_work (handle=0x83bdda0, tvb=0x846d208, pinfo_arg=0x8474f40, tree=0x846b798) at packet.c:485 #8 0xb69d8cb9 in dissector_try_port (sub_dissectors=0x834ffa8, port=137, tvb=0x846d208, pinfo=0x8474f40, tree=0x846b798) at packet.c:870 #9 0xb6f2ddc8 in decode_udp_ports (tvb=0x8366f30, offset=8, pinfo=0x8474f40, tree=0x846b798, uh_sport=137, uh_dport=137, uh_ulen=58) at packet-udp.c:159 #10 0xb6f2e509 in dissect (tvb=0x8366f30, pinfo=0x8474f40, tree=0x846b798, ip_proto=1114112) at packet-udp.c:427 #11 0xb6f2ee59 in dissect_udp (tvb=0x8366f30, pinfo=0x8474f40, tree=0x846b798) at packet-udp.c:434 #12 0xb69d7264 in call_dissector_through_handle (handle=0x83eabb8, tvb=0x8366f30, pinfo=0x8474f40, tree=0x846b798) at packet.c:396 #13 0xb69d79e7 in call_dissector_work (handle=0x83eabb8, tvb=0x8366f30, pinfo_arg=0x8474f40, tree=0x846b798) at packet.c:485 #14 0xb69d8cb9 in dissector_try_port (sub_dissectors=0x81cfed0, port=17, tvb=0x8366f30, pinfo=0x8474f40, tree=0x846b798) at packet.c:870 #15 0xb6cba6f8 in dissect_ip (tvb=0x846d598, pinfo=0x8474f40, parent_tree=0x846b798) at packet-ip.c:1564 #16 0xb69d7264 in call_dissector_through_handle (handle=0x81d03f8, tvb=0x846d598, pinfo=0x8474f40, tree=0x846b798) at packet.c:396 #17 0xb69d79e7 in call_dissector_work (handle=0x81d03f8, tvb=0x846d598, pinfo_arg=0x8474f40, tree=0x846b798) at packet.c:485 #18 0xb69d8cb9 in dissector_try_port (sub_dissectors=0x814d368, port=2048, tvb=0x846d598, pinfo=0x8474f40, tree=0x846b798) at packet.c:870 #19 0xb6bddaa5 in ethertype (etype=2048, tvb=0x846d730, offset_after_etype=16, pinfo=0x8474f40, tree=0x846b798, fh_tree=0x84617e8, etype_id=52383, trailer_id=52384, fcs_len=0) at packet-ethertype.c:215 #20 0xb6e91246 in dissect_sll (tvb=0x846d730, pinfo=0x8474f40, tree=0x846b798) at packet-sll.c:281 #21 0xb69d7264 in call_dissector_through_handle (handle=0x83e7d10, tvb=0x846d730, pinfo=0x8474f40, tree=0x846b798) at packet.c:396 #22 0xb69d79e7 in call_dissector_work (handle=0x83e7d10, tvb=0x846d730, pinfo_arg=0x8474f40, tree=0x846b798) at packet.c:485 #23 0xb69d8cb9 in dissector_try_port (sub_dissectors=0x8166bc0, port=25, tvb=0x846d730, pinfo=0x8474f40, tree=0x846b798) at packet.c:870 #24 0xb6c27169 in dissect_frame (tvb=0x846d730, pinfo=0x8474f40, parent_tree=0x846b798) at packet-frame.c:305 #25 0xb69d7264 in call_dissector_through_handle (handle=0x817bf30, tvb=0x846d730, pinfo=0x8474f40, tree=0x846b798) at packet.c:396 #26 0xb69d79e7 in call_dissector_work (handle=0x817bf30, tvb=0x846d730, pinfo_arg=0x8474f40, tree=0x846b798) at packet.c:485 #27 0xb69d7b90 in call_dissector (handle=0x817bf30, tvb=0x846d730, pinfo=0x8474f40, tree=0x846b798) at packet.c:1787 #28 0xb69d980b in dissect_packet (edt=0x8474f38, pseudo_header=0x84440e4, pd=0x844a9f0 "", fd=0xbfeaaba4, cinfo=0x0) at packet.c:332 #29 0xb69ce8c4 in epan_dissect_run (edt=0x8474f38, pseudo_header=0x84440e4, data=0x844a9f0 "", fd=0xbfeaaba4, cinfo=0x0) at epan.c:161 #30 0x08063a9c in process_packet (cf=0x80743c0, offset=73320, whdr=0x84440d0, pseudo_header=0x84440e4, pd=0x844a9f0 "") at tshark.c:2452 #31 0x080666d8 in main (argc=3, argv=0xbfeaaec4) at tshark.c:2248 hope this help -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
- References:
- [Wireshark-bugs] [Bug 2899] New: crash when loading malformed dns packets
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2899] New: crash when loading malformed dns packets
- Prev by Date: [Wireshark-bugs] [Bug 2899] crash when loading malformed dns packets
- Next by Date: [Wireshark-bugs] [Bug 2902] New: Crash when loading capture file and Preferences: NO Info column
- Previous by thread: [Wireshark-bugs] [Bug 2899] crash when loading malformed dns packets
- Next by thread: [Wireshark-bugs] [Bug 2899] crash when loading malformed dns packets
- Index(es):